qijiale - Security Researcher - Exploit Intelligence Platform

CVE-2024-57579 WRITEUP CRITICAL WRITEUP

Tenda AC18 Firmware V15.03.05.19 - Stack Overflow via limitSpeedUp Parameter

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function.

CVSS 9.8

View Code

CVE-2024-57580 WRITEUP CRITICAL WRITEUP

Tenda AC18 Firmware V15.03.05.19 - Stack Overflow via devName Parameter in formSetDeviceName

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.

CVSS 9.8

View Code

CVE-2024-57581 WRITEUP CRITICAL WRITEUP

Tenda AC18 Firmware V15.03.05.19 - Stack Overflow via formSetFirewallCfg firewallEn Parameter

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function.

CVSS 9.8

View Code

CVE-2024-57582 WRITEUP CRITICAL WRITEUP

Tenda AC18 V15.03.05.19 - Stack Overflow via startIP Parameter in formSetPPTPServer

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function.

CVSS 9.8

View Code

CVE-2024-57583 WRITEUP CRITICAL WRITEUP

Tenda AC18 V15.03.05.19 - OS Command Injection via usbName Parameter

Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function.

CVSS 9.8

View Code